Building a better captcha

A simple concept to limit blog comment spam

First off, this is a quick post. I am writing this now because it is something I have recently been practicing with great success, and I'm afraid that if I wait too long to discuss it, someone will beat me to it.

 

Anyone who has a blog knows that comment spam is a HUGE pain in the ass. There are many, MANY solutions out there to deal with the ever-increasing volume of blog comment spam. They range from a simple captcha, to simple mathematical questions (i.e. "what is 4 plus 9?"), to some even more esoteric solutions (sidenote: The Hacker Webzine is a blog I can't recommend enough for people interested in Internet security). While the solution presented at the Hacker Webzine link just mentioned seems to be very effective, I'd like to propose a much more unorthodox method of combating comment spam.

 

A normal captcha presents some data (usually in the form of a rastered image) and asks the user to interpret it and enter it, to be validated by the script. This is very effective, but recently many systems that employ it (Digg?) have had their captchas cracked by rather reliable methods. What does this mean? It means it's time to start thinking about the next big thing for preventing comment spam. Captchas on their own stop roughly 70% of spam comments, but there are always some that slip through, especially when we are dealing with people (like myself, and probably many of the readers here) who have enough creativity and drive to come up with new techniques and tricks.

 

I would like to suggest a reverse captcha. In addition to the captcha you already use, consider this: create a blank text field and give it a name that you expect a spam bot to recognize. For example, if your comment form does not ask the person to enter their email twice, add a text field called email2. Mark it up as you normally would, but use CSS rules to make it invisible to the user (position it off-screen rather than using display:none;, which a bot can check for trivially), then write a back-end script that validates the comment form by checking for data in that hidden email2 field.

// Reject the post if the hidden honeypot field came back non-empty (empty() would let a value of "0" through).
if (isset($_POST['email2']) && $_POST['email2'] !== '') { die("Sorry sucka."); }

 

If your script detects that a value was passed from that field, it can assume with high confidence that the comment was not submitted by a human, because a human viewing the page never sees that field. Bam, you've just made yourself a reverse captcha. One caveat: browser autofill, screen readers and users browsing with CSS disabled can still reach a visually hidden field, so give it a label along the lines of "leave this blank" and set autocomplete="off" and tabindex="-1" on it to keep honest visitors from tripping the check.
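The whole thing end to end, as an added example that is not the post's own code: a form renderer that places the email2 honeypot off-screen with CSS (the page gives no CSS, so the rule below is my choice), a POST-body parser that keeps the empty honeypot value instead of dropping it, and the server-side check. The field and route names, the form layout and the sample submissions are all constructed for illustration.

```python
"""Reverse-captcha (honeypot field) for a blog comment form. Added example, not the original post's code."""
from html import escape
from urllib.parse import parse_qs

# Bait name a bot is likely to fill in; the visible form has no field of this name.
HONEYPOT_FIELD = "email2"


def render_comment_form(action: str = "/comment") -> str:
    """Return the comment form HTML with the honeypot pushed off-screen.

    Off-screen positioning is used instead of display:none, so a bot checking the
    display property still sees a normal input. tabindex/autocomplete/aria-hidden
    keep keyboard users, browser autofill and screen readers away from it (an
    assumed mitigation, not something the post discusses).
    """
    return f"""<style>.hp-wrap {{ position: absolute; left: -10000px; top: auto; width: 1px; height: 1px; overflow: hidden; }}</style>
<form method="post" action="{escape(action)}">
  <label>Name <input type="text" name="name"></label>
  <label>Website <input type="text" name="website"></label>
  <label>Email <input type="text" name="email"></label>
  <div class="hp-wrap"><label>Leave this field empty <input type="text" name="{HONEYPOT_FIELD}" tabindex="-1" autocomplete="off" aria-hidden="true"></label></div>
  <label>Comment <textarea name="comment"></textarea></label>
  <button type="submit">Post</button>
</form>"""


def parse_post_body(body: str) -> dict:
    """Decode an application/x-www-form-urlencoded body into a flat dict.

    keep_blank_values=True matters here: a real browser sends the honeypot as
    "email2=" and the default parse_qs would silently drop that key.
    """
    return {key: values[0] for key, values in parse_qs(body, keep_blank_values=True).items()}


def is_honeypot_triggered(form: dict) -> bool:
    """True when the hidden field came back with content, i.e. something filled it in.

    A browser submits the field as an empty string; a field that is missing
    entirely is also treated as clean. Whitespace is stripped so a stray space
    does not flag a human, but "0" does count (unlike PHP's empty()).
    """
    return form.get(HONEYPOT_FIELD, "").strip() != ""


def handle_submission(form: dict) -> tuple:
    """Validate a decoded POST body; returns (accepted, message)."""
    if is_honeypot_triggered(form):
        return False, "Sorry sucka."
    if not form.get("comment", "").strip():
        return False, "Comment is required."
    return True, "Comment accepted."


# Constructed sample submissions, not captured traffic.
HUMAN_BODY = "name=Mr+Bowling&website=&email=&email2=&comment=Great+article"
BOT_BODY = "name=buy+pills&email=x%40spam.example&email2=x%40spam.example&comment=cheap+pills+http%3A%2F%2Fspam.example"
BOT_ZERO_BODY = "name=buy+pills&email2=0&comment=cheap+pills"

if __name__ == "__main__":
    print(render_comment_form())
    for label, body in (("human", HUMAN_BODY), ("bot", BOT_BODY), ("bot-zero", BOT_ZERO_BODY)):
        print(label, handle_submission(parse_post_body(body)))
```

The rejection branch deliberately says nothing about why the post was refused, so a bot author gets no hint about which field tripped it; the human-facing "Comment is required" message is the only validation error that reveals anything.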

 

Apply this very simple concept to your pre-existing comment form and I guarantee you will see a dramatic decrease in your comment spam.

 

And for all my black hats out there....one more fucking thing for you to consider. Time to up your game again!
 

--Rob



Comments:
Name: Mr Bowling
Website:
Comment: Great article. Most of my blogs don't have that much of a spam problem right now, but I did an ASP.NET implementation of this for my blog system. I'm gonna log how many failed attempts I have; I'll keep you posted.
Name: Rob
Comment: Cool man, I'll be interested to see what you report back!